2022-03-10
:: Luke
#Anonymous Fox
#Fox Cyber Security
#FoxAuto
#FoxWSO
#Fox-CGI
#FoxEx
#FoxRSF
#olux
#xleet
#PHP
#Python
#threat actor
#website malware
There’s a good chance that Anonymous Fox has scanned your website for different vulnerabilities at least once during the last 12-16 months. The majority of hacked WordPress websites I’ve encountered over the last 14 months have evidence of Anonymous Fox activity. How do they do it?
2022-01-24
:: Luke
#images-cdn.info
#content-cdn.com
#tracking pixel
#phishing
#fraud
#countermeasures
#JavaScript
An interesting JavaScript phishing countermeasure used to alert organizations to the presence of new phishing pages found online so that they can quickly submit abuse reports to take them down.
2022-01-23
:: Luke
#effectivecpmgate.com
#ciandu5h
#_wpth-1
#WordPress
#JavaScript
#fraud
#website malware
Hackers use JavaScript injections to redirect visitors to specific websites to collect affiliate referrals.
2022-01-04
:: Luke
#ccfresh[.]co
#Stripe
#stripe_token_params
#Prestashop
#ecommerce
#skimmer
#JavaScript
#website malware
A basic JavaScript skimmer injected into a Prestashop website. Exfiltration domain: …
2021-12-30
:: Luke
#dyneff.fr
#Psigate
#psigate_cc_number
#t87588
#Magento
#ecommerce
#skimmer
#JavaScript
#website malware
Analysis of an obfuscated JavaScript skimmer designed to steal payment data entered into the Psigate gateway fields on the victim’s infected ecommerce website. Exfiltration domain: …